Rate different types in reversing ?

[Jasi2169]

Hi guys as we know there are different types of cracking method for software, lets rate it

0. UNPACKING

1. KEYGENNING
2. PATCHING
3. CRACKING
4. HOOKING USING DLL/or javaagent etc any hooking/ loader
5. SERIAL

According to me; Unpacking is different but its on top, but letsvtalk about only general cracking methods, dont take unpacking/cryptog. Inside, you might have your own personal love for something, yes its not always available to do keygenning and other various factors like hardware lock/server check, but simple scenarios

Keyegnning > hook > serial > patching > cracking

I know cracking is only limited to one version most of the time and sometimes it's not possible to keygen or anything due to online or server checks or packing and we left with it.

[Jaspreet Singh]

Quote:

Originally Posted by Jasi2169

Hi guys as we know there are different types of cracking method for software, lets rate it

0. UNPACKING

1. KEYGENNING
2. PATCHING
3. CRACKING
4. HOOKING USING DLL/or javaagent etc any hooking
5. SERIAL

According to me; Unpacking is different but its on top

Keyegnning > hook > serial > patching > cracking

I know cracking is only limited to one version most of the time and sometimes it's not possible to keygen or anything due to online or server checks or packing and we left with it.

This is actually the correct order:
Keyegnning > serial > patching > cracking > hook

Keygenning = many serials
Serial = 1 serial
hook = loader that does not work on some or many recent Windows OS
cracking/patching are almost same.

[Moe]

Quote:

Originally Posted by Jaspreet Singh

This is actually the correct order:
Keyegnning > serial > patching > cracking > hook

Keygenning = many serials
Serial = 1 serial
hook = loader that does not work on some or many recent Windows OS
cracking/patching are almost same.

This is a good summary. All other forms of cracking fall under patching (either in memory or on disk) or keygen.

[Jupiter]

At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.

• No packing → no unpacking
• No serials and no keys → no key generation
• Virtualised code → de-virtualisation
• Specific hardware → hardware emulation
• Remote services → replacement services
• etc

[Jaspreet Singh]

Quote:

Originally Posted by Jupiter

At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.

• No packing → no unpacking
• No serials and no keys → no key generation
• Virtualised code → de-virtualisation
• Specific hardware → hardware emulation
• Remote services → replacement services
• etc

Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.

[chants]

Quote:

Originally Posted by Jaspreet Singh

Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.

Decryption is at the top of this as cryptography is based upon hard mathematical problems and has closer to theoretical soundness than all other methods. The rest, even hardware are security by obscurity in various forms.

Don't forget crippleware where code is literally absent from the target and must be painstakingly hand built back. That's also at the top of the list.

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.

[NON]

Quote:

Originally Posted by chants

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.

I agree. The list is a little incomplete.
Sometimes it's better to remain a little silent...

This is not 50 pages and is rather lame, but a good start. See this paper here:

Quote:

https://forum.exetools.com/showthread.php?p=128880#post128880

Much more coming soon!

[blue_devil]

I will put dongles in the first place. Because those sticks might turn brick(I mean rubbish) and become useless. Then you need to call the c[o]mpany and ask for a replacement because dongle stick is not working anymore. So, of course, they will ask "hey what happened?" And you will answer "Hey we were working and the stick is not working anymore, we do not know what happened ¯\_(ツ)_/¯"

[Jasi2169]

Quote:

Originally Posted by blue_devil

I will put dongles in the first place. Because those sticks might turn brick(I mean rubbish) and become useless. Then you need to call the c[o]mpany and ask for a replacement because dongle stick is not working anymore. So, of course, they will ask "hey what happened?" And you will answer "Hey we were working and the stick is not working anymore, we do not know what happened ¯\_(ツ)_/¯"

I second that, thats really crazy,

[sendersu]

@Jasi2169
how about
- BF (bruteforcing) -looking for some password/etc for your target
- RSA priv key replacement + following kg-ing

[Asus]

I agree the first is UNPACKING.